Vulnerability Details : CVE-2020-6148


CVE Name: CVE-2020-6148: Memory Corruption vulnerability on Pixar Openusd
Description: A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow.
Publish date: 2020-11-13T15:15Z
Last Update: 2022-05-13T20:57Z

CVSS Scores & Vulnerability Types


CVSS Score
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH
Actack VectorLOCAL
Actack ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
ScopeUNCHANGED
Vulnerability Type(s)Memory Corruption
CWE ID787

Products Affected By CVE-2020-6148


# Vendor Product Vulnerable Versions
1 Pixar Openusd 1

Detail of Verions Affected


# Product Type Vendor Product Version
1 Application Pixar Openusd 20.05

References For CVE-2020-6148


Hyperlink Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1094 Exploit, Third Party Advisory